Classifications

• • G—PHYSICS
  • G06—COMPUTING; CALCULATING OR COUNTING
  • G06F—ELECTRIC DIGITAL DATA PROCESSING
  • G06F12/00—Accessing, addressing or allocating within memory systems or architectures
  • G06F12/14—Protection against unauthorised use of memory or access to memory
• • G—PHYSICS
  • G06—COMPUTING; CALCULATING OR COUNTING
  • G06F—ELECTRIC DIGITAL DATA PROCESSING
  • G06F12/00—Accessing, addressing or allocating within memory systems or architectures
  • G06F12/14—Protection against unauthorised use of memory or access to memory
  • G06F12/1416—Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights
  • G06F12/1425—Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights the protection being physical, e.g. cell, word, block
  • G06F12/1441—Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights the protection being physical, e.g. cell, word, block for a range

Definitions

• the currently running program has control over the computer or the memory and other peripheral devices contained in it and connected to it. This means, inter alia, that the address of a memory which is contained in a program instruction is always jumped to, irrespective of whether the memory area containing this address should be available to the program or not.
• MMU memory management unit
• Each application receives an entry in the MMU, whereby it is recorded in which memory the application is located, at which address it starts, how long it is and which access rights exist.
• the user must enter this data when writing his application or program into the memory of the microcomputer.
• the application program then only has access rights to memory areas within the start address specified by the above and length defined range.
• the entry in the MMU thus describes a property of a program stored in a data storage segment.
• the area in which this entry is located in the MMU is therefore called the segment descriptor.
• Each call of an address by the program is checked by the MMU and the call is only granted if the address is within the permitted range, otherwise the program run is aborted or an error message is issued.
• the user programs usually have subroutines. It often happens that different users require the same subroutines and, as a result of the safety precautions explained above, these subroutines are present several times. This requires an unnecessarily large amount of storage space.
• the object of the present invention is therefore to specify a microprocessor which allows access by user programs to library programs, but is protected against manipulation.
• the microcomputer according to the invention is not a direct one
• a vector number is specified in the call command in addition to the name of the MMU segment descriptor describing the library program.
• the name of the MMU segment descriptor can be a number or a name, for example.
• the MMU checks whether the specified vector number occurs at all and whether it belongs to the library program called up. If the test result is positive, access to a vector memory area is permitted, the start address and length of which are stored in the MMU segment descriptor. Only in this vector memory area, which contains the vector number on the one hand, is there also a jump address or the address of a jump command - that is, a vector - to the library program start address. This effectively prevents a user from jumping directly into the library program and possibly bypassing safety routines.
• FIG. 1 shows a block diagram of a microcomputer in a schematic representation
• Figure 2 shows a schematic representation of the assignment of user programs to the contents of the MMU segment descriptors
• Figure 3 shows a schematic representation of the way to call a library program.
• FIG. 1 shows the components of a microcomputer in a highly schematic manner.
• a central processing unit CPU is connected to a memory management unit MMU via an address bus.
• the MMU is in turn connected to the microcomputer-internal address bus, to which the memories ROM, RAM and EEPROM and an input / output unit I / O are connected.
• Any other units customary in microcomputers can also be present, but these are not shown since they have no relation to the invention.
• the control and data buses were also not shown.
• the microcomputer according to the invention should have all the components necessary for its function, known from the prior art.
• the CPU creates logical addresses on the MMU, while the MMU determines the physical addresses from them and applies them to the memories.
• the MMU is equipped with memory locations for segment descriptors in which the start address, length and access rights assigned to an application program A, B are entered.
• the MMU will also have an adder, not shown, in order to be able to determine the physical address from the logical address by adding the start address of a user program.
• the segments for two user programs A and B are shown by way of example, program A starting at an address 50,000 and having a length of 3,500 addresses, while program B starting at an address 120,000 and having a length of 5,000 addresses.
• addresses between 0 and 3,499 are called up according to the length of the program. These logical addresses are fed to the MMU, which adds the initial value 50,000 and applies the physical address thus obtained to the internal address bus.
• the MMU previously checks whether the logical address is in the address area that corresponds to the length stored in the MMU segment descriptor.
• the MMU segment descriptor can be designed as a memory register, for example. For this check, comparators (not shown) are available in the MMU, to which the current address on the one hand and the edge addresses of the current program on the other are created. If the program calls a higher or a lower address, an abort or an error message or something similar occurs.
• Access rights are entered in a further area of an MMU segment descriptor, so that it can be determined whether certain address areas can only be read or read and write accessed.
• FIG. 3 now shows the expansion of a known microcomputer according to the invention.
• a memory area is also provided here for subroutines accessible to all users, that is to say a library program memory area. Any memory can be used for this.
• FIG. 3 shows a write and an erase program in the library program memory at the addresses 1,050 and 3,000.
• a user program cannot jump to these addresses directly, since otherwise an undefined entry into these programs would be possible - bypassing safety precautions.
• a vector memory area is provided in which vector numbers and the associated start addresses of the library programs are entered as jump destinations (vectors) 1050, 3000.
• the address of a jump instruction leading to the subroutine could also be stored.
• the name of the subroutine can be entered as an identifier, as shown in Figure 3. However, this is not necessary.
• a user does not find out the actual physical address of a library program.
• this also has the advantage that these programs can be moved as required by the operating system without the user programs having to be changed. Then only the jump destination in the vector memory area has to be changed.
• Every library program memory area can be entered in the MMU just like any other program.
• each library program memory area is assigned a vector memory area in which the vectors are entered on the library programs located in the library program memory area. The entry is made by specifying the start address and length of the vector memory area.
• the vector memory area can also be entered in a segment descriptor of the MMU, in which case the start address and length of the library program memory area are entered in the segment descriptor. It is also possible to combine the vector memory area and the library program memory area and in
• Segmant descriptor to specify a start address and two lengths.
• the library program is called by a user program by specifying the MMU segment descriptor name, such as the library program name or a number and the vector number.
• the MMU then checks whether the vector number even exists in the vector memory area and whether the called program name matches the entry assigned to the vector number. The corresponding address is only addressed in the vector memory area if the result of the test is positive, and only then does it jump to the library program itself.

Landscapes

• Engineering & Computer Science (AREA)
• Theoretical Computer Science (AREA)
• Computer Security & Cryptography (AREA)
• Physics & Mathematics (AREA)
• General Engineering & Computer Science (AREA)
• General Physics & Mathematics (AREA)
• Storage Device Security (AREA)
• Executing Machine-Instructions (AREA)
• Stored Programmes (AREA)
• Communication Control (AREA)
• Document Processing Apparatus (AREA)
• Bus Control (AREA)

Applications Claiming Priority (3)

Publications (2)

Family

ID=7822960

Family Applications (1)

Country Status (11)

Families Citing this family (6)

Family Cites Families (7)

• 1997
  • 1997-03-11 DE DE19709975A patent/DE19709975C2/de not_active Expired - Fee Related
• 1998
  • 1998-02-05 RU RU99121188/09A patent/RU2198424C2/ru not_active IP Right Cessation
  • 1998-02-05 BR BR9808847-5A patent/BR9808847A/pt not_active IP Right Cessation
  • 1998-02-05 WO PCT/DE1998/000319 patent/WO1998040821A1/fr active IP Right Grant
  • 1998-02-05 EP EP98909336A patent/EP0966711B1/fr not_active Expired - Lifetime
  • 1998-02-05 JP JP53904898A patent/JP3369190B2/ja not_active Expired - Fee Related
  • 1998-02-05 DE DE59814378T patent/DE59814378D1/de not_active Expired - Lifetime
  • 1998-02-05 KR KR10-1999-7008214A patent/KR100416447B1/ko not_active IP Right Cessation
  • 1998-02-05 CN CN98803238A patent/CN1130640C/zh not_active Expired - Lifetime
  • 1998-02-05 AT AT98909336T patent/ATE437404T1/de not_active IP Right Cessation
  • 1998-05-02 UA UA99095020A patent/UA55445C2/uk unknown
• 1999
  • 1999-09-13 US US09/395,998 patent/US6487649B1/en not_active Expired - Lifetime

Non-Patent Citations (1)

Also Published As

Similar Documents

Legal Events